Blog Posts Tagged with "Espionage"

“Embedding these capabilities in any network means…(that) they can then intercept and control those networks... I am so worried about Chinese cyber warfare threats, their abilities to monitor and remotely shut down international communications networks, including critical infrastructure networks"...

There is speculation of purposeful backdoor implementations for monitoring by the US government in the name of national security. If there is the ability for a government to monitor communications, how can we be assured that another government is not using the same means, but for different purpose?

What Flame is doing in the Middle East attacks can be done in other countries, even the ones releasing the attack. The technical nature of computer virus propagation could leak the virus to unintended areas, as happened with Stuxnet. Playing with these vulnerabilities is like playing with fire...

Some antivirus providers were ready with a fix for Flame. This information, together with evidence that the malware dates to at least 2010, would lead me to believe that the major security companies were aware of Flame and have been silent because of agreements with Western governments...

I'm beginning to wonder what's going on over at Kaspersky Labs. Kaspersky Labs has called a virus whose only purpose is to steal data a "cyber weapon". Come on, guys. Espionage is not warfare and never has been. Hence a tool created solely to conduct cyber espionage cannot also be legitimately called a cyber weapon...

News has been circulating on internet about a microchip used by the US military and manufactured in China that contains a secret "backdoor" that makes possible remote control of devices utilizing it. Security expert Robert Graham has declared that the bug is merely for debugging operations...

Hackers have written an HTTPS protocol scanner to find weaknesses in the NASA website. A NASA spokesman hasn't denied the hack, and the agency is investigating the event. Is it an isolated operation conducted by a group of hackers, or a state-sponsored act of cyberwar?

"ZTE's Score M ships with an application featuring a hardcoded password that gives the user... administrator-level access. Running the program with the password spawns a root shell prompt on the Linux-powered mobes, allowing the phone to be completely taken over..."

One of the most interesting facts extracted from the report is that the MIVD will focus the majority of its cyber warfare efforts in countering espionage. Given that this is probably the most tangible and widely represented cyber activity currently employed, this is a wise choice...

"We continue to see China expressing interest in making investments to improve their capacity for operations in cyberspace, and that is something that we pay very, very careful attention to. There is the potential for these types of operations to be very disruptive..."

"In 2011, computer networks and systems around the world continued to be targets of intrusions and data theft, many of which originated within China. Although some of the targeted systems were U.S. government-owned, others were commercial networks owned by private companies..."

“From a technical perspective, Project Enlightenment is another example of increasingly common cyber espionage activities. While the attack method was simple, it successfully compromised dozens of organizations and bypassed their existing security and detection measures...."

“If this represents the official line of thinking, this means that the prospects are not good that a limited conflict in a Taiwan Straits would remain localized to that geography without escalating into an all-out war,” said Chinese cyber warfare expert Dmitri Alperovitch...

When the largest security companies in the world have had their source code stolen by hackers, our present security model is broken. Matt Brazil, a former U.S. embassy commercial officer in Beijing, will show executives how to survive in China without losing their secrets...

Finally the Dutch intelligence service AIVD has started warning the people about Chinese cyber espionage practices against Dutch firms. The Chinese government is actively recruiting Chinese researchers and technical experts to work for them in foreign countries...

“Using a person on the ground would greatly increase the probability of computer infection, as opposed to passively waiting for the software to spread through the computer facility. 'Iranian double agents' would have helped to target the most vulnerable spots in the system...”